Updated: 17/08/2022 - Support for Gradle. Please note that the archive needs to be placed in ../../../source/target for it to work.
This is a sample pipeline that can be used for deploying an application to a WebSphere Liberty container and deploying it to OCP. The pipeline will do the following:
- Update the name of the project to lowercase and remove spaces.
- Download code from a Git repository
- Compile the code using Maven
- Use the Dockerfile to build a new tWAS image and store it in the OCP ImageStreams repository
- Create a WebSphere Liberty Instance based and have it running.
The first 3 items are done with Tasks from the Tekton Hub.
The OpenShift and Tekton CLIs are needed to run commands and setup the pipeline.
- Login to your OCP cluster
- Create a project (namespace) for the pipelines, if necessary
oc new-project <project> (was-liberty)
- Install the WebSphere Liberty Operator
oc apply -f tekton/was-liberty-install.yaml -n <project>
- Install the Tekton Pipeline.
oc apply -f tekton/tekton-pipelines-install.yaml
- Install the necessary Tekton Tasks from the Tekton Hub
tkn hub install task git-clone -n <project>
tkn hub install task maven -n <project>
tkn hub install task kaniko -n <project>
needed for gradle:
tkn hub install task gradle -n <project>
- Add task to format the app name (make lowercase, remove spaces)
oc apply -f tekton/was-pipeline-task-appname.yaml -n <project>
- Add the custom Task for Deployment
oc apply -f tekton/was-pipeline-task-deploy.yaml -n <project>
- Add the PersistentVolumeClaim used to share between tasks.
oc apply -f tekton/was-pipeline-pvc.yaml -n <project>
- Install the Pipeline
oc apply -f tekton/was-pipeline.yaml -n <project>
needed when using gradle:
oc apply -f tekton/was-pipeline-gradle.yaml -n <project>
To run the pipeline, a sample Pipeline Run is included
oc create -f tekton/was-pipeline-run.yaml -n <project>
In a true CI/CD pipeline developers would not be submitting a Pipeline Run with the necessary data to kick off a pipeline, they would use an EventListener that would take some inputs and start the Pipeline Run.
- Setup the necessary ServiceAccount and cluster secuity to receive events and act upon them. The file must be updated with the namespace used for the Pipeline for the security. Update
CHANGE_MEwith the appropriate namespace.
oc apply -f was-triggers-security.yaml -n <project>
- Add the Trigger Template, which is an outline of how to handle the Trigger and what to run, which is similar to the Pipeline Run
oc apply -f was-triggers-template.yaml -n <project>
- Add the necessary bindings for this specific application. This contains information to be passed to the Trigger Template
oc apply -f was-triggers-bindings.yaml -n <project>
- Add the EventListener, which will startup a Pod and service to listen to Events for the trigger. The Pod name will be prefixed with an
elwith the name of the EventListen. In this sample it is calledel-was-triggers-eventlistener. The Service is given the same name as the Pod.
oc apply -f was-triggers-eventlistener.yaml -n <project>
- Create a Route so that the Trigger can be called from outside the cluster.
oc apply -f was-triggers-route.yaml -n <project>
To test the Trigger, the Route endpoint can be called with the necessary JSON parameters.
ROUTE_HOST=$(oc get route el-was-triggers-listener -n <project> --template='http://{{.spec.host}}')
URL=https://github.com/bpaskin/WASLiberty-Tekton.git
curl -v -H 'X-GitHub-Event: pull_request' -H 'Content-Type: application/json' -d '{ "repository": {"clone_url": "'"${URL}"'"}, "pull_request": {"head": {"sha": "master1", "repo": {"name":"WASLiberty-TekTon"}}} }' ${ROUTE_HOST}
If the request is accepted successfully the HTTP response should be either a 201 Created or 202 Accepted.
The Pipeline can be started when a GitHub Pull is done. This will send a message to the Event Listener endpoint with some data. The repository name, SHA of the pull request and URL of the repository will be used in the pipeline.
- Go to the GitHub repository page in the web browser.
- Click the Settings tab.
- In the navigation pane, click Hooks.
- Click Add Webhook.
- In the Payload URL field, paste the webhook URL (output from the
oc get route el-was-triggers-listener -n <project> --template='http://{{.spec.host}}'command - In the Content type field, select JSON.
- Leave the Secret field empty
- In the options displayed, ensure that the Pull event is selected only.
- Ensure that the Active check box is selected. This option keeps the webhook enabled and sends notifications whenever an event is triggered.
- Click Add webhook to complete the configuration of the webhook in GitHub Enterprise.
Helpful while testing Tasks: tkn task start was-deploy-app --showlog
When using Git with a userid/token or with SSL Key, then a new Secret needs to be added, the Pipeline needs a new workspace and the Pipeline-Run needs to reference the workspace and the Secret. Have a look at the Git Clone task.
To containerize this application locally Git CLI, Maven, Java, and Podman or Docker are required. I tested this with Java 8, 11, and 17.
- Clone the repo:
git clone https://github.com/bpaskin/WASLiberty-Tekton.git
- Change directory
cd WASLiberty-Tekton
- Build and package with Maven
mvn package
- Create the image
podman/docker build -t modresorts .
- Start the container
podman/docker run -d --name modresorts -p 9080:9080 modresorts
- Test
http://hostname:9080